package com.example.mybatisdemo.controller;

import com.example.mybatisdemo.model.UserInfo;
import com.example.mybatisdemo.service.UserSeverice;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;

@RestController
@RequestMapping("/user")
public class UserController {
    @Autowired
    private UserSeverice severice;
    @RequestMapping("/getList")
    public List<UserInfo> getListAll(){
        return severice.getListAll();
    }

    //演示用户登录的sql注入操作
    @RequestMapping("/login")
    public Boolean login(String username,String password){
        if(!StringUtils.hasLength(username)||!StringUtils.hasLength(password)){
            return false;
        }
        UserInfo userInfo = severice.queryByNameAndPassword(username,password);
        if (userInfo == null) return false;
        return true;
    }
}
